Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make invoke/call contract require explicit flag to enable reentry #336

Open
leighmcculloch opened this issue Aug 16, 2022 · 6 comments · Fixed by #513
Open

Make invoke/call contract require explicit flag to enable reentry #336

leighmcculloch opened this issue Aug 16, 2022 · 6 comments · Fixed by #513
Assignees
@graydon @jayz22

Comments

@leighmcculloch
Copy link
Member

Contracts have access to calling other contracts but we haven't yet implemented things we discussed would help prevent unintentional re-entry.

The idea is that calling a contract should require setting a flag for whether re-entry is allowed. And in this way the possibility for re-entry will be explicitly visible to the developer.
@jonjove jonjove mentioned this issue Aug 23, 2022
Closed
@graydon graydon self-assigned this Aug 23, 2022
@jayz22 jayz22 self-assigned this Sep 14, 2022
@leighmcculloch leighmcculloch mentioned this issue Sep 17, 2022
Open
@jayz22 jayz22 mentioned this issue Oct 3, 2022
Merged
@jayz22
Copy link
Contributor

jayz22 commented Oct 4, 2022

The host side has disabled reentry. We still need to expose a flag to set it in the host functions and plumb it on the sdk side.

@jayz22 jayz22 reopened this Oct 5, 2022
@jayz22
Copy link
Contributor

jayz22 commented Oct 5, 2022

Reopened to follow up on: #513 (comment)
cc @leighmcculloch

@esteblock
Copy link

Reentrancy is needed to offer liquidity for flashloans.
I like that reentrancy it's by default not allowed... and with a flag whether re-entry is wanted.

@esteblock
Copy link

Hello @leighmcculloch @jayz22 @graydon
Do you have any update on this?

It's better to leave the possibility wuth an explicit flag, than to not let do reentry at all in Soroban!

@jayz22
Copy link
Contributor

jayz22 commented Jun 15, 2023

@esteblock We did not have chance to prioritize this. We may consider it in the next phase. This feature has just not been requested much and we felt it could create more footgun if used carelessly.
I would like to understand first if there is any other ways to enable the flash loan feature without reentry. If you could provide more details (e.g. code snippet or WIP examples) that would be helpful!

@rudewalt
Copy link

Hello, we also need reentrancy feature for our smart-contracts

@gangov gangov mentioned this issue Feb 15, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@graydon graydon

@jayz22 jayz22

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Forbid contract reentry jayz22/rs-soroban-env
6 participants
@graydon @leighmcculloch @esteblock @rudewalt @jayz22 and others